This commit centralizes Windows version constraints through a new
function for improved clarity, maintainability and reusability.
Changes:
- Add `RunPowerShellWithWindowsVersionConstraints` function
- Support specifying minimum and maximum Windows versions
- Introduce user-friendly tags like `Windows11-FirstRelease`
- Fix version logic by correcting incorrect block syntax in various
functions.
This commit unifies executable ID structure across categories and
scripts, paving the way for more complex ID solutions for #262.
It also refactors related code to adapt to the changes.
Key changes:
- Change numeric IDs to string IDs for categories
- Use named types for string IDs to improve code clarity
- Add unit tests to verify ID uniqueness
Other supporting changes:
- Separate concerns in entities for data access and executables by using
separate abstractions (`Identifiable` and `RepositoryEntity`)
- Simplify usage and construction of entities.
- Remove `BaseEntity` for simplicity.
- Move creation of categories/scripts to domain layer
- Refactor CategoryCollection for better validation logic isolation
- Rename some categories to keep the names (used as pseudo-IDs) unique
on Windows.
This commit updates the YAML schema to permit explicitly setting
`recommend: null` or `recommend: ~` in scripts within collection files.
Previously, the schema only allowed string values for the recommendation
field, restricting it to 'standard' or 'strict'. By introducing the
`RecommendationLevel` definition, the schema now supports both string
and null values, providing more flexibility in specifying
recommendations in collection YAML files.
This commit introduces a new shared function to centralize all usages of
`reg delete .. /va`. The new function generates comments in code and can
recurse through subkeys. This enhances maintainability and reliability
by avoiding potential misuse or syntax errors.
Key changes:
- Add `ClearRegistryValues` function
- Update scripts to use the new function
- Add ability to recurse subkeys for registry value deletion, addressing
issues where desired data was not deleted.
Other supporting changes:
- Improve documentation of the changed scripts.
- Add missing registry paths in scripts.
- Change value removal to value/subkey removal for correct behavior.
- Remove removal of undocumented keys.
- Rename related scripts for clarity.
- Adjust script recommendations.
Before this commit, license deletion used `reg delete .. /va /f`, which
deletes all valued under a key. However, the license data did not exist
under the specified subkeys, making the logic ineffective. This commit
changes it to delete the license registry key completely to correctly
remove the license data.
Changes:
- Change `reg delete /va` to delete the correct registry data.
- Create shared function for deleting license data for better
maintainability.
- Add comment in generated script code for license removal.
- Add documentation for the scripts.
- Include a missing script to clear Visual Studio 2013 telemetry.
- Remove redundant lines of code in `CreateRegistryKey` and
`DeleteRegistryKey` that initialize an unused variable.
This commit reorganizes scripts related to disabling Defender's data
collection and telemetry into a dedicated category. This improves
usability for users focused on enhancing privacy without needing to
understand technical details of each option.
Changes:
- Create "Disable Defender data collection" category
- Move related scripts under new category
- Improve script documentation and naming
- Add alternate configurations to some scripts
- Fix extended cloud check feature being enabled instead of disabled
- Update script recommendations to 'Strict'
- Restructure and expand rename CEIP-related scripts for clarity and
granularity.
- Add missing tasks and registry keys for comprehensive CEIP disabling.
- Improve documentation with detailed explanations and references.
- Rename scripts for better user understanding and consistency
- Fix incorrect revert behavior in some scripts
- Introduce SetRegistryValueAsTrustedInstaller function to unify setting
registry values as TrustedInstaller.
- Introduce RunPowerShellWithMinimumWindowsVersion function to unify
Windows version specific registry modifications.
- Add more documentation for scripts using TrustedInstaller.
- Correct revert code for affected scripts to match default OS behavior
(setting registry value back) instead of just deleting keys.
- Add comprehensive documentation with security cautions
- Expand SmartScreen disabling for Internet Explorer
- Fix registry data for Internet Explorer SmartScreen disabling
- Add disabling of `smartscreen.exe` process, resolving #385
- Implement additional SmartScreen disabling methods
- Correct registry key for Store apps
- Simplify script names for clarity
This commit increases strictnes of tests by failing on tests (even
though they pass) if `console.warn` or `console.error` is used. This is
used to fix warning outputs from Vue, cleaning up test output and
preventing potential issues with tests.
This commit fixes all of the failing tests, including refactoring in
code to make them more testable through injecting Vue lifecycle
hook function stubs. This removes `shallowMount`ing done on places,
improving the speed of executing unit tests. It also reduces complexity
and increases maintainability by removing `@vue/test-utils` dependency
for these tests.
Changes:
- Register global hook for all tests to fail if console.error or
console.warn is being used.
- Fix all issues with failing tests.
- Create test helper function for running code in a wrapper component to
run code in reliable/unified way to surpress Vue warnings about code
not running inside `setup`.
Refactor `ModalDialog` unit tests to use `shallowMount` consistently.
Previously, tests sometimes failed due to the `UseSvgLoader` hook
attempting icon loads during component teardown, which occasionally led
led to errors when the `window` object became unavailable. By
switching to `shallowMount`, tests no longer deeply render child
components, mitigating the risk of such errors and aligning with
unit testing best practices.
Additionally, this commit sets a default value for the `modelValue`
prop in test setups to address Vue warnings about missing required
props, further stabilizing the test environment.
This commit addresses the issue of Chromium v126 and later not displaying
error messages correctly when the error object's `message` property uses
a getter. It refactors the code to utilize an immutable Error object with
recursive context, improves error message formatting and leverages the
`cause` property.
Changes:
- Refactor error wrapping internals to use an immutable error object,
eliminating `message` getters.
- Utilize the `cause` property in contextual errors for enhanced error
display in the console.
- Enhance message formatting with better indentation and listing.
- Improve clarity by renaming values thrown during validations.
This commit refactors SCSS to resolve deprecation warnings related to
mixed declaration after nested rules.
Sass is changing how it processes declarations that appear after nested
rules to align with CSS standards. Previously, Sass would hoist
declarations to avoid duplicating selectors, However, this behavior will
soon change to make declarations apply in the order they appear, as per
CSS standards.
This commit refactors existing text utility functions into the
application layer for broad reuse and integrates them across
the codebase. Initially, these utilities were confined to test
code, which limited their application.
Changes:
- Move text utilities to the application layer.
- Centralize text utilities into dedicated files for better
maintainability.
- Improve robustness of utility functions with added type checks.
- Replace duplicated logic with centralized utility functions
throughout the codebase.
- Expand unit tests to cover refactored code parts.
This commit updates the Windows scripts to handle Firefox installations
acquired through the Microsoft Store. It adds support by modifying
script functions to clear and delete profile directories specific to
this version of Firefox.
Optimize PowerShell script invocation to differentiate actions based on
Windows version. This revision introduces a more efficient way to handle
version-specific scripting within Windows collection by abstraction
complexity into dedicated shared functions.
This commit positions the close button on modaals to remain visible on
small screens.
This fix addresses an issue where the dialog's close button was being
obscured by the vertical scrollbar on narrow screens. This problem was
particularly evident in Chromium browsers, which display a larger
scrollbar.
This change includes a new mixin to document the purpose. The mixin sets
the position of close button to `absolute` and aligns it to the top
right. This way, the button stays visible and accessible regaRdless of
The scrollbar's presence, thereby improving the user inTerfaCE usability
on deviceS with smaller screens.
The previous layout lacked a specified gap between the node header and
the documentation toggle button in the tree view. This resulted in a
crowded appearance, making the interface look cluttered and reducing
readability, especially on smaller screens.
This commit introduces a relative gap, adjusting the spacing based on
the text size. This change enhances the visual separation and improves
user interaction by ensuring the documentation button and text do not
overlap, regardless of screen size.
This commit changes the mechanism to disable services using
TrustedInstaller privileges, improving consistency and flexibility.
Key changes:
- Introduce `DisableServiceInRegistryAsTrustedInstaller` as a shared
function to standardize the disabling process. This function aligns
with existing ones to facilitate easier testing and method switching.
- Update the revert logic to avoid unnecessary service restarts when
they are manually started.
- Enhance readability with added comments in generated code sections.
- Improve documentation for `DisableService` and
`DisableServiceInRegistry` to reflect new functionalities.
- Support multiline code in `RunInlineCodeAsTrustedInstaller` for
complex scenarios.
Other supporting changes:
- Remove redundant TrustedInstaller privileges in the `Sense` service
disabling.
- Document default service statuses to inform about service behaviors
across different Windows versions.
This commit improves the scripts configuring Edge. It improves their
categorization, naming and adds scripts to disable Bing ads and Search
bar along with others to disable ads/data collection.
Changes:
- Add new scripts to configure Edge, such as blocking ads and AI
features that collects data.
- Improve categorization and documentation consistency.
This commit adds scripts to block automatic updates for Microsoft Edge
and WebView2 on Windows, aimed at enhancing user privacy as per the
issue #309.
Changes:
- Create a new category for scripts targeting Edge and WebView2 updates.
- Add scripts for disabling automatic update services, scheduled tasks,
and executable blocking, along with registry configurations.
Other supporting changes:
- Remove comments in code that indicates reusing of small text parts.
This approach does not encourage creating unique content.
This commit improves the script organization, documentation and code for
Edge and Chrome browser by simplifying naming, categorizing
configurations, and unifying documentation and generated code.
Changes:
- Rename "Edge (Chromium)" to "Edge" for clarity, with "Edge (Legacy)"
detailed explicitly in the script titles.
- Flatten Edge settings under a unified "Configure" category.
- Enhance script documentation to improve clarity.
- Move "Your browser is managed" warning from script titles to script
documentation.
- Introduce shared functions for configuring Edge and Chrome, leading to
better consistency in generated code.
- Update scripts to include restart suggestions in generated code.
- Improve documentation of affected scripts.
- Split some scripts for increased granularity, easier maintenance and
focused documentation.
- Fix some Windows UI scripts being incorrectly categorized as Edge
configurations.
This commit introduces a placeholder ifle creation step necessary for
the uninstallation process of Microsoft Edge on Windows 10, as discussed
in #309. The file simulates the presence of Microsoft Edge (Legacy),
which newer uninstallers check for before proceeding with the
uninstallation.
This change resolves the observed issue where the uninstaller fails to
recognize the absence of Legacy Edge, hindering the uninstallation
process.
Changes:
- Add placeholder file creation/removal for legacy Edge.
- Update and improve the documentation.
If Edge is uninstalled using an existing installer, it may delete other
installers. When the script attempts to use these deleted installers,
it results in an error: `The system cannot find the file specified.`.
This commit addresses the issue by checking for the existence of the
uninstaller during the iteration and handling cases where it is missing.
Previously, compiler outputted whole executable in error context. This
caused long and hard to read error messages, especially when the
executable is a long category with many children. This commit improves
readability by trimming the error output.
Changes:
- Trim the error output (max characters: 1000).
- Improve indenting and newlines.
This commit introduces type validation for parameter values within the
parser/compiler, aligning with the YAML schema. It aims to eliminate
dependencies on side effects in the collection files.
This update changes the treatment of data types in the Windows
collection, moving away from unintended type casting by the compiler.
Previously, numeric and boolean values were used even though only
string types were supported. This behavior was unstable and untested,
and has now been adjusted to use strings exclusively.
Changes ensure that parameter values are correctly validated
as strings, enhancing stability and maintainability.
This commit improves the validation logic in parser, corrects Windows
collection files to adhere to expected structure. This validation helps
catch errors that previously led to incomplete generated code in scripts
for disabling VSCEIP and location settings.
Changes:
- Add type validation for function call structures in the
parser/compiler. This helps prevent runtime errors by ensuring that
only correctly structured data is processed.
- Fix scripts in the Windows collection that previoulsy had incomplete
`code` or `revertCode` values. These corrections ensure that the
scripts function as intended.
- Refactor related logic within the compiler/parser to improve
testability and maintainability.
This commit improves collection file editing and error detection
directly in the IDE. It adds YAML schema, IDE configuration and
automatic tests to validate it.
- Introduce a YAML schema for collection file.
- Use `yaml-language-server` for enhanced YAML support in VSCode.
- Add telemetry disabling in `configure_vscode.py` to respect user
privacy.
- Add automated checks to validate YAML file structure against the
schema.
- Remove unused properties and do not allow them in compiler.
Previously, scripts under the 'Clear operating system logs' category for
macOS were misaligned due to a lack of individual script
recommendations, as the category itself wrongly used the `recommend:
strict` property. This misconfiguration caused none of these scripts to
appear recommended.
This commit assigns accurate `recommend:` values to each script
within the category.
Key changes:
- Introduce individual recommendations for each script.
- Document scripts to justify recommendations.
- Standardize deletion operations through shared functions.
- Improve script and category naming for clarity.
- Simplify code by unifying redundant path references.
- Add comments in generated user script code.
- Fix specific issue where clearing daily os logs inadvertently affected
configuration files.
This commit corrects a syntax error that prevented the 'Disable text
and handwriting data collection' script from being included since
version 0.13.4. The error was identified in a previous syntax validation
update (commit 6ecfa9b954).
Changes:
- Add a missing dash before 'Disable location access' category. This
fixes the script omission as reported in the issue #369.
- Remove the dash from `revertCode` of `HarvestContacts` registry
modification code, fixing the revert code for 'Disable text and
handwriting data collection' script.
This fix addresses the build errors introduced by stricter syntax checks
and ensures that the script is now properly recognized and executed.
This fix is part of ongoing efforts to improve data handling robustness
and management in script processing.
This script fixes the recommendation property syntax in Windows script
collection. This syntax error prevented the application from
recommending these scripts, even though they were intended to be
recommended.
Affected scripts:
- Disable app access to physical movement
- Disable app access to eye tracking
- Disable app access to human presence
- Disable app access to screen capture
Previously, these scripts used the unsupported 'recommended: standard'
property, which was identified as incorrect after implementing stricter
property validation.
Related commit: 6ecfa9b954
Related issue: #369
This change update these properties to the correct 'recommend:
standard', resolving issues where scripts were not being recommended as
expected.
This commit introduces stricter type validation across the application
to reject objects with unexpected properties, enhancing the robustness
and predictability of data handling.
Changes include:
- Implement a common utility to validate object types.
- Refactor across various parsers and data handlers to utilize the new
validations.
- Update error messages for better clarity and troubleshooting.
This commit consolidates scripts and categories under a unified
'Executable' concept. This simplifies the architecture and improves code
readability.
- Introduce subfolders within `src/domain` to segregate domain elements.
- Update class and interface names by removing the 'I' prefix in
alignment with new coding standards.
- Replace 'Node' with 'Executable' to clarify usage; reserve 'Node'
exclusively for the UI's tree component.
Revert scripts for removing shortcuts previously used hardcoded paths.
These paths are now replaced with system environment variables to allow
for broader configuration compatibility.
This commit adjusts the recommendation level for disabling captive
portal detection from 'Standard' to 'Strict'. This aligns macOS settings
with equivalent recommendations for Linux and Windows.
It improves documentation to provide additional context on implications,
facilitating a better understanding of the change.
This commit improves blocking of execution of executables, providing a
more reliable way to stop execution of unwanted executables.
Introduce a new function to block shell execution of an executable. This
logic is extracted from disabling Chrome Software Reporter tool with
improved logic which does no longer or reset if there is other rules.
This resolves potential issues if there was a blocking rule using same
number which privacy.sexy before overwrote or restored on revert.
Other scripts which terminated executables on launch does now block
their shell execution too for more reliability. A common function is
introduced which streamlines blocking execution of an executable all
known ways which is now reused by these scripts.
This commit additionally improves the Google Software Reporter disabling
script. It removes the code that adds denies permissions on its
installation directory as the new way of preventing executable from
running should be enough. It also adds missing documentation to the
related scripts.
This commit improves the existing Firefox privacy scripts and improves
the categorization and documentation to be simpler and more clear.
Changes:
- Rename and reorganize scripts for disabling browser telemetry and
default browser agent reporting to simplify the structure.
- Improve documentation across scripts to provide clearer guidance on
how the changes improve user privacy.
- Fix revert scripts by removing unnecessary registry key configuration.
- Upgrade `actions/upload-artifact` to `v4` to address deprecation
warnings related to Node.js 16, improving compatibility with GitHub
runners. This resolves the following warning from the runners:
> Node.js 16 actions are deprecated. Please update the following actions
> to use Node.js 20: actions/upload-artifact@v3.
- Centralize the use of the `upload-artifact` action through a new
custom action, improving maintainability and consistency across
workflows.
This commit updates documentation to clarify the impacts of disabling
firewall services, specifically how they affect Windows Sandbox, Docker
and WSL.
This update responds to user feedback from issues #115, #152, #364. The
documentation now guides users more clearly on the consequences of their
actions, potentially preventing unintended service disruptions.
Changes include:
- Expand the caution notes to explicitly mention the impact on
virtualization and isolation features like Windows Sandbox, Docker and
WSL.
- Expand script titles to briefly mention affects on these features.
- Expand documentation to suggest system restart.
- Add an informative message to restart the computer in terminal outputs
after service changes to ensure the settings are applied.
This commit introduces a custom error object to provide additional
context for errors throwing during parsing and compiling operations,
improving troubleshooting.
By integrating error context handling, the error messages become more
informative and user-friendly, providing sequence of trace with context
to aid in troubleshooting.
Changes include:
- Introduce custom error object that extends errors with contextual
information. This replaces previous usages of `AggregateError` which
is not displayed well by browsers when logged.
- Improve parsing functions to encapsulate error context with more
details.
- Increase unit test coverage and refactor the related code to be more
testable.
This commit adjusts the recommendation level for scripts that disable
UWP app access to accommodate user issues #121, #339, #350. It also
extends their documentation to reflect the new changes and with
cautions.
Changes:
- Add caution text for all scripts about potential impacts.
- Move disabling app access to notifications from 'Standard' to
'Strict'. This addresses #121 and #339, where users report lack of
notification as unintended side-effects.
- Move disabling app access to phone calls from 'Standard' to 'Strict'.
This addresses #350 where its effect on the Phone Link app was
reported as an unintended side-effect.
- Consolidate removal of printing UIs under the same category.
- Improve documentation for printing app removal scripts.
- Add removal of previously unlisted 'Print Queue' app, #279.
- Combine removal of `Microsoft.Print3D` and `Windows.Print3D`
into a single script.
- Highlight the importance of removing 'Print 3D' app due to
security risks and recommend it on 'Standard'.
